Closed mattab closed 13 years ago
Attachment: phpinfo phpinfo.html
Attachment: phpinfo-xserve.html
PHP Version 5.2.6
System FreeBSD woefwafserver 7.0-STABLE-200804 FreeBSD 7.0-STABLE-200804 #0: Thu Apr 10 20:40:56 UTC 2008 root@logan.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386
Build Date Jul 22 2008 22:04:49
Configure Command './configure' '--with-layout=GNU' '--with-config-file-scan-dir=/usr/local/etc/php' '--disable-all' '--enable-libxml' '--with-libxml-dir=/usr/local' '--enable-reflection' '--program-prefix=' '--enable-force-cgi-redirect' '--enable-discard-path' '--enable-fastcgi' '--with-regex=php' '--with-zend-vm=CALL' '--enable-zend-multibyte' '--prefix=/usr/local' '--mandir=/usr/local/man' '--infodir=/usr/local/info/'
Server API CGI/FastCGI
Virtual Directory Support disabled
Configuration File (php.ini) Path /usr/local/etc
Loaded Configuration File /usr/local/etc/php.ini
Scan this dir for additional .ini files /usr/local/etc/php
additional .ini files parsed /usr/local/etc/php/extensions.ini
PHP API 20041225
PHP Extension 20060613
Zend Extension 220060519
Debug Build no
Thread Safety disabled
Zend Memory Manager enabled
IPv6 Support enabled
Registered PHP Streams compress.bzip2, php, file, data, http, ftp, https, ftps, zip, compress.zlib
Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, sslv2, tls
Registered Stream Filters bzip2.*, convert.iconv.*, string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed, zlib.*
This server is protected with the Suhosin Patch 0.9.6.2
Copyright (c) 2006 Hardened-PHP Project
This program makes use of the Zend Scripting Language Engine:
Zend Engine v2.2.0, Copyright (c) 1998-2008 Zend Technologies
PHP Credits
Configuration
PHP Core
Directive Local Value Master Value
allow_call_time_pass_reference On On
allow_url_fopen On On
allow_url_include Off Off
always_populate_raw_post_data Off Off
arg_separator.input & &
arg_separator.output & &
asp_tags Off Off
auto_append_file no value no value
auto_globals_jit On On
auto_prepend_file no value no value
browscap no value no value
default_charset no value no value
default_mimetype text/html text/html
define_syslog_variables Off Off
detect_unicode On On
disable_classes no value no value
disable_functions no value no value
display_errors On On
display_startup_errors Off Off
doc_root no value no value
docref_ext no value no value
docref_root no value no value
enable_dl On On
error_append_string no value no value
error_log no value no value
error_prepend_string no value no value
error_reporting 6135 6135
expose_php On On
extension_dir /usr/local/lib/php/20060613 /usr/local/lib/php/20060613
file_uploads On On
highlight.bg #FFFFFF #FFFFFF
highlight.comment #FF8000 #FF8000
highlight.default #0000BB #0000BB
highlight.html #000000 #000000
highlight.keyword #007700 #007700
highlight.string #DD0000 #DD0000
html_errors On On
ignore_repeated_errors Off Off
ignore_repeated_source Off Off
ignore_user_abort Off Off
implicit_flush Off Off
include_path .:/usr/local/share/pear .:/usr/local/share/pear
log_errors Off Off
log_errors_max_len 1024 1024
magic_quotes_gpc On On
magic_quotes_runtime Off Off
magic_quotes_sybase Off Off
mail.force_extra_parameters no value no value
max_execution_time 30 30
max_input_nesting_level 64 64
max_input_time 60 60
memory_limit 128M 128M
open_basedir /usr/local/syncer:/var/www:/tmp/:/var/tmp/:/usr/local/share/pear:/usr/sbin /usr/local/syncer:/var/www:/tmp/:/var/tmp/:/usr/local/share/pear:/usr/sbin
output_buffering no value no value
output_handler no value no value
post_max_size 8M 8M
precision 12 12
realpath_cache_size 16K 16K
realpath_cache_ttl 120 120
register_argc_argv On On
register_globals Off Off
register_long_arrays On On
report_memleaks On On
report_zend_debug On On
safe_mode Off Off
safe_mode_exec_dir no value no value
safe_mode_gid Off Off
safe_mode_include_dir no value no value
sendmail_from no value no value
sendmail_path /usr/sbin/sendmail -t -i /usr/sbin/sendmail -t -i
serialize_precision 100 100
short_open_tag On On
SMTP localhost localhost
smtp_port 25 25
sql.safe_mode Off Off
suhosin.log.phpscript 0 0
suhosin.log.phpscript.is_safe Off Off
suhosin.log.phpscript.name no value no value
suhosin.log.sapi no value no value
suhosin.log.script no value no value
suhosin.log.script.name no value no value
suhosin.log.syslog no value no value
suhosin.log.syslog.facility no value no value
suhosin.log.syslog.priority no value no value
suhosin.log.use-x-forwarded-for Off Off
track_errors Off Off
unserialize_callback_func no value no value
upload_max_filesize 16M 16M
upload_tmp_dir no value no value
user_dir no value no value
variables_order EGPCS EGPCS
xmlrpc_error_number 0 0
xmlrpc_errors Off Off
y2k_compliance On On
zend.ze1_compatibility_mode Off Off
bz2
BZip2 Support Enabled
Stream Wrapper support compress.bz2://
Stream Filter support bzip2.decompress, bzip2.compress
BZip2 Version 1.0.4, 20-Dec-2006
cgi-fcgi
Directive Local Value Master Value
cgi.check_shebang_line 1 1
cgi.fix_pathinfo 1 1
cgi.force_redirect 1 1
cgi.nph 0 0
cgi.redirect_status_env no value no value
cgi.rfc2616_headers 0 0
fastcgi.logging 1 1
ctype
ctype functions enabled
curl
cURL support enabled
cURL Information libcurl/7.18.0 OpenSSL/0.9.8e zlib/1.2.3 libssh2/0.18
date
date/time support enabled
"Olson" Timezone Database Version 2008.2
Timezone Database internal
Default timezone Europe/Berlin
Directive Local Value Master Value
date.default_latitude 31.7667 31.7667
date.default_longitude 35.2333 35.2333
date.sunrise_zenith 90.583333 90.583333
date.sunset_zenith 90.583333 90.583333
date.timezone no value no value
dom
DOM/XML enabled
DOM/XML API Version 20031129
libxml Version 2.6.32
HTML Support enabled
XPath Support enabled
XPointer Support enabled
Schema Support enabled
RelaxNG Support enabled
filter
Input Validation and Filtering enabled
Revision $Revision: 1.74 $
Directive Local Value Master Value
filter.default unsafe_raw unsafe_raw
filter.default_flags no value no value
ftp
FTP support enabled
gd
GD Support enabled
GD Version bundled (2.0.34 compatible)
FreeType Support enabled
FreeType Linkage with freetype
FreeType Version 2.3.7
T1Lib Support enabled
GIF Read Support enabled
GIF Create Support enabled
JPG Support enabled
PNG Support enabled
WBMP Support enabled
XPM Support enabled
XBM Support enabled
gmp
gmp support enabled
GMP version 4.2.2
hash
hash support enabled
Hashing Engines md2 md4 md5 sha1 sha256 sha384 sha512 ripemd128 ripemd160 ripemd256 ripemd320 whirlpool tiger128,3 tiger160,3 tiger192,3 tiger128,4 tiger160,4 tiger192,4 snefru gost adler32 crc32 crc32b haval128,3 haval160,3 haval192,3 haval224,3 haval256,3 haval128,4 haval160,4 haval192,4 haval224,4 haval256,4 haval128,5 haval160,5 haval192,5 haval224,5 haval256,5
iconv
iconv support enabled
iconv implementation libiconv
iconv library version 1.11
Directive Local Value Master Value
iconv.input_encoding ISO-8859-1 ISO-8859-1
iconv.internal_encoding ISO-8859-1 ISO-8859-1
iconv.output_encoding ISO-8859-1 ISO-8859-1
imap
IMAP c-Client Version 2004
SSL Support enabled
json
json support enabled
json version 1.2.1
ldap
LDAP Support enabled
RCS Version $Id: ldap.c,v 1.161.2.3.2.12 2007/12/31 07:20:07 sebastian Exp $
Total Links 0/unlimited
API Version 3001
Vendor Name OpenLDAP
Vendor Version 20342
libxml
libXML support active
libXML Version 2.6.32
libXML streams enabled
mbstring
Multibyte Support enabled
Multibyte string engine libmbfl
Multibyte (japanese) regex support enabled
Multibyte regex (oniguruma) version 4.4.4
Multibyte regex (oniguruma) backtrack check On
mbstring extension makes use of "streamable kanji code filter and converter", which is distributed under the GNU Lesser General Public License version 2.1.
Directive Local Value Master Value
mbstring.detect_order no value no value
mbstring.encoding_translation Off Off
mbstring.func_overload 0 0
mbstring.http_input pass pass
mbstring.http_output pass pass
mbstring.internal_encoding ISO-8859-1 no value
mbstring.language neutral neutral
mbstring.script_encoding no value no value
mbstring.strict_detection Off Off
mbstring.substitute_character no value no value
mcrypt
mcrypt support enabled
Version 2.5.8
Api No 20021217
Supported ciphers cast-128 gost rijndael-128 twofish arcfour cast-256 loki97 rijndael-192 saferplus wake blowfish-compat des rijndael-256 serpent xtea blowfish enigma rc2 tripledes
Supported modes cbc cfb ctr ecb ncfb nofb ofb stream
Directive Local Value Master Value
mcrypt.algorithms_dir no value no value
mcrypt.modes_dir no value no value
mhash
MHASH support Enabled
MHASH API Version 20060101
mssql
MSSQL Support enabled
Active Persistent Links 0
Active Links 0
Library version FreeTDS
Directive Local Value Master Value
mssql.allow_persistent On On
mssql.batchsize 0 0
mssql.charset no value no value
mssql.compatability_mode Off Off
mssql.connect_timeout 5 5
mssql.datetimeconvert On On
mssql.max_links Unlimited Unlimited
mssql.max_persistent Unlimited Unlimited
mssql.max_procs Unlimited Unlimited
mssql.min_error_severity 10 10
mssql.min_message_severity 10 10
mssql.secure_connection Off Off
mssql.textlimit Server default Server default
mssql.textsize Server default Server default
mssql.timeout 60 60
mysql
MySQL Support enabled
Active Persistent Links 0
Active Links 0
Client API version 5.0.51a
MYSQL_MODULE_TYPE no value
MYSQL_SOCKET /tmp/mysql.sock
MYSQL_INCLUDE no value
MYSQL_LIBS no value
Directive Local Value Master Value
mysql.allow_persistent On On
mysql.connect_timeout 60 60
mysql.default_host no value no value
mysql.default_password no value no value
mysql.default_port no value no value
mysql.default_socket no value no value
mysql.default_user no value no value
mysql.max_links Unlimited Unlimited
mysql.max_persistent Unlimited Unlimited
mysql.trace_mode Off Off
mysqli
MysqlI Support enabled
Client API library version 5.0.51a
Client API header version 5.0.51a
MYSQLI_SOCKET /tmp/mysql.sock
Directive Local Value Master Value
mysqli.default_host no value no value
mysqli.default_port 3306 3306
mysqli.default_pw no value no value
mysqli.default_socket no value no value
mysqli.default_user no value no value
mysqli.max_links Unlimited Unlimited
mysqli.reconnect Off Off
openssl
OpenSSL support enabled
OpenSSL Version OpenSSL 0.9.8e 23 Feb 2007
pcre
PCRE (Perl Compatible Regular Expressions) Support enabled
PCRE Library Version 7.6 2008-01-28
Directive Local Value Master Value
pcre.backtrack_limit 100000 100000
pcre.recursion_limit 100000 100000
pdf
PDF Support enabled
PDFlib GmbH Version 7.0.2
PECL Version 2.1.5
Revision $Revision: 1.7 $
PDO
PDO support enabled
PDO drivers sqlite, mysql
pdo_mysql
PDO Driver for MySQL, client library version 5.0.51a
pdo_sqlite
PDO Driver for SQLite 3.x enabled
PECL Module version (bundled) 1.0.1 $Id: pdo_sqlite.c,v 1.10.2.6.2.3 2007/12/31 07:20:10 sebastian Exp $
SQLite Library 3.3.7
posix
Revision $Revision: 1.70.2.3.2.18 $
Reflection
Reflection enabled
Version $Id: php_reflection.c,v 1.164.2.33.2.50 2008/03/13 15:56:21 iliaa Exp $
session
Session Support enabled
Registered save handlers files user
Registered serializer handlers php php_binary wddx
Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly Off Off
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 7200 7200
session.gc_probability 1 1
session.hash_bits_per_character 4 4
session.hash_function 0 0
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path no value no value
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid 0 0
SimpleXML
Simplexml support enabled
Revision $Revision: 1.151.2.22.2.39 $
Schema support enabled
snmp
NET-SNMP Support enabled
NET-SNMP Version 5.4.1.2
soap
Soap Client enabled
Soap Server enabled
Directive Local Value Master Value
soap.wsdl_cache 1 1
soap.wsdl_cache_dir /tmp /tmp
soap.wsdl_cache_enabled 1 1
soap.wsdl_cache_limit 5 5
soap.wsdl_cache_ttl 86400 86400
sockets
Sockets Support enabled
SPL
SPL support enabled
Interfaces Countable, OuterIterator, RecursiveIterator, SeekableIterator, SplObserver, SplSubject
Classes AppendIterator, ArrayIterator, ArrayObject, BadFunctionCallException, BadMethodCallException, CachingIterator, DirectoryIterator, DomainException, EmptyIterator, FilterIterator, InfiniteIterator, InvalidArgumentException, IteratorIterator, LengthException, LimitIterator, LogicException, NoRewindIterator, OutOfBoundsException, OutOfRangeException, OverflowException, ParentIterator, RangeException, RecursiveArrayIterator, RecursiveCachingIterator, RecursiveDirectoryIterator, RecursiveFilterIterator, RecursiveIteratorIterator, RecursiveRegexIterator, RegexIterator, RuntimeException, SimpleXMLIterator, SplFileInfo, SplFileObject, SplObjectStorage, SplTempFileObject, UnderflowException, UnexpectedValueException
SQLite
SQLite support enabled
PECL Module version 2.0-dev $Id: sqlite.c,v 1.166.2.13.2.10 2007/12/31 07:20:11 sebastian Exp $
SQLite Library 2.8.17
SQLite Encoding iso8859
Directive Local Value Master Value
sqlite.assoc_case 0 0
standard
Regex Library Bundled library enabled
Dynamic Library Support enabled
Path to sendmail /usr/sbin/sendmail -t -i
Directive Local Value Master Value
assert.active 1 1
assert.bail 0 0
assert.callback no value no value
assert.quiet_eval 0 0
assert.warning 1 1
auto_detect_line_endings 0 0
default_socket_timeout 60 60
safe_mode_allowed_env_vars PHP_ PHP_
safe_mode_protected_env_vars LD_LIBRARY_PATH LD_LIBRARY_PATH
url_rewriter.tags a=href,area=href,frame=src,input=src,form=,fieldset= a=href,area=href,frame=src,input=src,form=,fieldset=
user_agent no value no value
tidy
Tidy support enabled
libTidy Release 18 June 2008
Extension Version 2.0 ($Id: tidy.c,v 1.66.2.8.2.25 2007/12/31 07:20:14 sebastian Exp $)
Directive Local Value Master Value
tidy.clean_output no value no value
tidy.default_config no value no value
tokenizer
Tokenizer Support enabled
wddx
WDDX Support enabled
WDDX Session Serializer enabled
xml
XML Support active
XML Namespace Support active
libxml2 Version 2.6.32
xmlreader
XMLReader enabled
xmlrpc
core library version xmlrpc-epi v. 0.51
php extension version 0.51
author Dan Libby
homepage http://xmlrpc-epi.sourceforge.net
open sourced by Epinions.com
xmlwriter
XMLWriter enabled
xsl
XSL enabled
libxslt Version 1.1.24
libxslt compiled against libxml Version 2.6.32
EXSLT enabled
libexslt Version 1.1.24
yaz
YAZ Support enabled
PHP/YAZ Version 1.0.14
YAZ Version 3.0.26
Compiled with YAZ version 3.0.26
zip
Zip enabled
Extension Version $Id: php_zip.c,v 1.99 2007/01/18 02:05:18 pajoye Exp $
Zip version 1.9.0
Libzip version 0.7.1
zlib
ZLib Support enabled
Stream Wrapper support compress.zlib://
Stream Filter support zlib.inflate, zlib.deflate
Compiled Version 1.2.3
Linked Version 1.2.3
Directive Local Value Master Value
zlib.output_compression Off Off
zlib.output_compression_level -1 -1
zlib.output_handler no value no value
Additional Modules
Module Name
Environment
Variable Value
DOCUMENT_ROOT /var/www/syncer/public
GATEWAY_INTERFACE CGI/1.1
HTTP_ACCEPT application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
HTTP_ACCEPT_CHARSET ISO-8859-1,utf-8;q=0.7,*;q=0.3
HTTP_ACCEPT_ENCODING gzip,deflate,sdch
HTTP_ACCEPT_LANGUAGE nl-NL,nl;q=0.8,en-US;q=0.6,en;q=0.4
HTTP_CONNECTION keep-alive
HTTP_HOST woefwafserver
HTTP_USER_AGENT Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
PATH /bin:/usr/bin
QUERY_STRING no value
REDIRECT_STATUS 200
REMOTE_ADDR
REMOTE_PORT 55182
REQUEST_METHOD GET
REQUEST_URI /phpinfo
SCRIPT_FILENAME /var/www/syncer/public/phpinfo.php
SCRIPT_NAME /phpinfo.php
SERVER_ADDR
SERVER_ADMIN noc@dootall.com
SERVER_NAME woefwafserver
SERVER_PORT 80
SERVER_PROTOCOL HTTP/1.1
SERVER_SIGNATURE no value
SERVER_SOFTWARE Apache/2.2.9 (FreeBSD) mod_ssl/2.2.9 OpenSSL/0.9.8e DAV/2
UNIQUE_ID TSRPyFuO@yYAAK0zCxsAAAAU
PHP Variables
Variable Value
_SERVER["DOCUMENT_ROOT"] /var/www/syncer/public
_SERVER["GATEWAY_INTERFACE"] CGI/1.1
_SERVER["HTTP_ACCEPT"] application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
_SERVER["HTTP_ACCEPT_CHARSET"] ISO-8859-1,utf-8;q=0.7,*;q=0.3
_SERVER["HTTP_ACCEPT_ENCODING"] gzip,deflate,sdch
_SERVER["HTTP_ACCEPT_LANGUAGE"] nl-NL,nl;q=0.8,en-US;q=0.6,en;q=0.4
_SERVER["HTTP_CONNECTION"] keep-alive
_SERVER["HTTP_HOST"] woefwafserver
_SERVER["HTTP_USER_AGENT"] Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
_SERVER["PATH"] /bin:/usr/bin
_SERVER["QUERY_STRING"] no value
_SERVER["REDIRECT_STATUS"] 200
_SERVER["REMOTE_ADDR"]
_SERVER["REMOTE_PORT"] 55182
_SERVER["REQUEST_METHOD"] GET
_SERVER["REQUEST_URI"] /phpinfo
_SERVER["SCRIPT_FILENAME"] /var/www/syncer/public/phpinfo.php
_SERVER["SCRIPT_NAME"] /phpinfo.php
_SERVER["SERVER_ADDR"]
_SERVER["SERVER_ADMIN"] noc@dootall.com
_SERVER["SERVER_NAME"] woefwafserver
_SERVER["SERVER_PORT"] 80
_SERVER["SERVER_PROTOCOL"] HTTP/1.1
_SERVER["SERVER_SIGNATURE"] no value
_SERVER["SERVER_SOFTWARE"] Apache/2.2.9 (FreeBSD) mod_ssl/2.2.9 OpenSSL/0.9.8e DAV/2
_SERVER["UNIQUE_ID"] TSRPyFuO@yYAAK0zCxsAAAAU
_SERVER["PHP_SELF"] /phpinfo.php
_SERVER["REQUEST_TIME"] 1294225352
_SERVER["argv"]
Array
(
)
_SERVER["argc"] 0
_ENV["DOCUMENT_ROOT"] /var/www/syncer/public
_ENV["GATEWAY_INTERFACE"] CGI/1.1
_ENV["HTTP_ACCEPT"] application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
_ENV["HTTP_ACCEPT_CHARSET"] ISO-8859-1,utf-8;q=0.7,*;q=0.3
_ENV["HTTP_ACCEPT_ENCODING"] gzip,deflate,sdch
_ENV["HTTP_ACCEPT_LANGUAGE"] nl-NL,nl;q=0.8,en-US;q=0.6,en;q=0.4
_ENV["HTTP_CONNECTION"] keep-alive
_ENV["HTTP_HOST"] woefwafserver
_ENV["HTTP_USER_AGENT"] Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10
_ENV["PATH"] /bin:/usr/bin
_ENV["QUERY_STRING"] no value
_ENV["REDIRECT_STATUS"] 200
_ENV["REMOTE_ADDR"]
_ENV["REMOTE_PORT"] 55182
_ENV["REQUEST_METHOD"] GET
_ENV["REQUEST_URI"] /phpinfo
_ENV["SCRIPT_FILENAME"] /var/www/syncer/public/phpinfo.php
_ENV["SCRIPT_NAME"] /phpinfo.php
_ENV["SERVER_ADDR"]
_ENV["SERVER_ADMIN"] noc@dootall.com
_ENV["SERVER_NAME"] woefwafserver
_ENV["SERVER_PORT"] 80
_ENV["SERVER_PROTOCOL"] HTTP/1.1
_ENV["SERVER_SIGNATURE"] no value
_ENV["SERVER_SOFTWARE"] Apache/2.2.9 (FreeBSD) mod_ssl/2.2.9 OpenSSL/0.9.8e DAV/2
_ENV["UNIQUE_ID"] TSRPyFuO@yYAAK0zCxsAAAAU
PHP License
This program is free software; you can redistribute it and/or modify it under the terms of the PHP License as published by the PHP Group and included in the distribution in the file: LICENSE
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
If you did not receive a copy of the PHP license, or have any questions about PHP licensing, please contact license@php.net.
Login not working for me with version 1.1 and 1.1.1 and php version 5.2.14. Cache cleared and tested with Firefox and Chrome
see possible solution: http://forum.piwik.org/read.php?2,70673,page=1#msg-70691
Replying to matt:
see possible solution: http://forum.piwik.org/read.php?2,70673,page=1#msg-70691
Thank you for your response, but this does not solve the trouble for me. Still unable to login...
I'll investigate further the problem when I'll get a bit of free time (not before several days).
Alexandre
(In [3644]) refs #1958 - improve form security error message
So far, the phpinfo hasn't helped. I'd like to see what's causing the login to fail.
In core/Nonce.php, add some debugging, login, send us the output, and then remove the debugging.
static public function verifyNonce($id, $cnonce)
{
$ns = new Piwik_Session_Namespace($id);
$nonce = $ns->nonce;
var_dump($_SERVER); die; // add this line
// validate token
if(empty($cnonce) || $cnonce !== $nonce)
{
return false;
}
Hello,
Here is the result (coockies removed just before) :
array(34) { [string(24) "TSVgUlQQXBsAAHOzMfoAAAEJ" "SCRIPT_URL"=> string(16) "/piwik/index.php" [string(42) "http://www.madecoperso.com/piwik/index.php" "HTTP_HOST"=> string(19) "www.madecoperso.com" [string(112) "Mozilla/5.0 (X11; U; Linux x86_64; fr; rv:1.9.2.14pre) Gecko/20110102 Ubuntu/10.10 (maverick) Namoroka/3.6.14pre" "HTTP_ACCEPT"=> string(63) "text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8" [string(35) "fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3" "HTTP_ACCEPT_ENCODING"=> string(12) "gzip,deflate" [string(30) "ISO-8859-1,utf-8;q=0.7,*;q=0.7" "HTTP_KEEP_ALIVE"=> string(3) "115" [string(10) "keep-alive" "HTTP_REFERER"=> string(102) "http://www.madecoperso.com/piwik/index.php?module=CoreHome&action=index&idSite=1&period=day&date=today" [string(164) "piwik_auth=login%3DImFsZXhhbmRyZS5qYWJvcnNrYSI%3D%3Atokenauth%3DIjRmNGNmNGYwYzg4OTk3MmM5NTExODIwYTZjYTlhMWQyIg%3D%3D%3A%3Dfbb3345b96d389589a49508d9d300e5a39160d8d" "CONTENT_TYPE"=> string(33) "application/x-www-form-urlencoded" [string(2) "96" "PATH"=> string(91) "/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/opt/apache/bin:/opt/mysql/bin" [string(0) "" "SERVER_SOFTWARE"=> string(6) "Apache" [string(19) "www.madecoperso.com" "SERVER_ADDR"=> string(11) "84.16.92.27" [string(2) "80" "REMOTE_ADDR"=> string(14) "89.170.133.208" [string(46) "/home/www/ab09e4ca36157e8de9f2c9cdd0d79844/web" "SERVER_ADMIN"=> string(25) "webmaster@madecoperso.com" [string(62) "/home/www/ab09e4ca36157e8de9f2c9cdd0d79844/web/piwik/index.php" "REMOTE_PORT"=> string(5) "56284" [string(7) "CGI/1.1" "SERVER_PROTOCOL"=> string(8) "HTTP/1.1" [string(4) "POST" "QUERY_STRING"=> string(59) "module=CoreHome&action=index&idSite=1&period=day&date=today" [string(76) "/piwik/index.php?module=CoreHome&action=index&idSite=1&period=day&date=today" "SCRIPT_NAME"=> string(16) "/piwik/index.php" [string(16) "/piwik/index.php" "REQUEST_TIME"=> int(1294295122) }
See also report in forum with php ini: http://forum.piwik.org/read.php?2,70782
Hmmm... the piwik_auth cookie is set, and the query string shows that ajaborsk was redirected to CoreHome.
Try deleting the files in piwik/tmp/assets/.
I deleted files in piwik/tmp/assets/
No change.
two of the users in the forum thread given by matt are using Infomaniak.ch services, as me. Maybe a .htaccess issue ?
Alexandre
One more report possibly a different bug?
http://forum.piwik.org/read.php?2,70874 After upgrade to 1.1.1, I got error when I logout from a login session, here is the error:
Warning: session_regenerate_id() href='function.session-regenerate-id'>function.session-regenerate-id</a>: Session object destruction failed in \wwwroot\piwik\libs\Zend\Session.php on line 313
Here is the backtrace:
Different bug; fixed in r3659
Are only Infomaniak users affected? I've made no progress in code inspection or trying to reproduce the problem using different php versions and php.ini settings.
I do, and I'm not an Infomaniak customer. Piwik is self hosted, on an old XServe (MacOS X 10.4).
Piwik is updated using cvs : version 1.1.1 revision 3690. The login is broken since the update to version 1.1.
Here is the result of the var_dump() :
array(34) {
["CONTENT_LENGTH"] => "90"
["CONTENT_TYPE"] => "application/x-www-form-urlencoded"
["DOCUMENT_ROOT"] => "/Library/WebServer/html/server/www"
["HTTP_ACCEPT"] => "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
["HTTP_ACCEPT_CHARSET"] => "ISO-8859-1,utf-8;q=0.7,*;q=0.7"
["HTTP_ACCEPT_ENCODING"] => "gzip, deflate"
["HTTP_ACCEPT_LANGUAGE"] => "fr-fr,fr;q=0.8,en-us;q=0.5,en;q=0.3"
["HTTP_CONNECTION"] => "keep-alive"
["HTTP_COOKIE"] => "piwik_auth=login%3DIlAxdzFrIg%3D%3D%3Atoken_auth%3DIjcwMmFmMGIzZDhlMTgxMGI3ZjZmODViYTkyYTZjODI3Ig%3D%3D%3A_%3D11cc71c7f164a89de459262048cd2fac298150c5; PIWIK_SESSID=4k0j3b2nnudl623fk9t2onk8v2"
["HTTP_HOST"] => "server.u-paris10.fr"
["HTTP_KEEP_ALIVE"] => "115"
["HTTP_REFERER"] => "http://server.u-paris10.fr/piwik/index.php"
["HTTP_USER_AGENT"] => "Mozilla/5.0 (X11; Linux i686; rv:2.0b9pre) Gecko/20110110 Firefox-4.0/4.0b9pre"
["PATH"] => "/usr/local/php5/oracle:/bin:/sbin:/usr/bin:/usr/sbin:/usr/libexec:/System/Library/CoreServices"
["REMOTE_ADDR"] => "10.25.xx.xx"
["REMOTE_PORT"] => "39787"
["SCRIPT_FILENAME"] => "/Library/WebServer/html/server/piwik/www/index.php"
["SERVER_ADDR"] => "193.50.xx.xx"
["SERVER_ADMIN"] => "server@u-paris10.fr"
["SERVER_NAME"] => "server.u-paris10.fr"
["SERVER_PORT"] => "80"
["SERVER_SIGNATURE"] => ""
["SERVER_SOFTWARE"] => "Apache/1.3.41 (Darwin) PHP/5.2.4 mod_ssl/2.8.31 OpenSSL/0.9.7l"
["GATEWAY_INTERFACE"] => "CGI/1.1"
["SERVER_PROTOCOL"] => "HTTP/1.1"
["REQUEST_METHOD"] => "POST"
["QUERY_STRING"] => ""
["REQUEST_URI"] => "/piwik/index.php"
["SCRIPT_NAME"] => "/piwik/index.php"
["PATH_TRANSLATED"] => "/Library/WebServer/html/server/piwik/www/index.php"
["PHP_SELF"] => "/piwik/index.php"
["REQUEST_TIME"] => int(1294650398)
["argv"] => array(0) { }
["argc"] => int(0)
}
I aded my phpinfo() as an attachment under the name phpinfo-xserve.html.
(In [3706]) quick fixes #1958 - always use safe_serialize/safe_unserialize as there are sites with custom php builds that exhibit buggy json_encode/json_decode behaviour preventing login; since we use json_encode/json_decode for the dashboard, we can debug further there
p.s. Infomaniak's conclusion (posted in the forum) is inaccurate, and their bug fix is wrong (in more ways than one).
1) json_encode/json_decode is not a 5.3 feature. It was added in php 5.2.0. (I tested with 5.2.0, 5.2.1, 5.2.13, 5.2.14, 5.2.16, and 5.2.17 without Infomaniak's "fix". One of the phpinfo I received shows php was built with --disable-all, and then --enable specific extensions.)
2) their "fix" to use preg_match(/5.2.1/, PHP_VERSION) no longer matches broken 5.2.0, and excludes 5.2.2 through 5.2.9, but includes 5.2.10 - 5.2.17 (latest 5.2.x); boggle
(In [3709]) delete invalid cookies, refs #1958
(In [3712]) refs #1958 - discard entire cookie content if any part fails to unserialize
(In [3713]) refs #1958 - yet another typo
p.s. I got access to an Infomaniak account, and traced the problem to a broken json_encode. Infomaniak did some more troubleshooting and identified the problem as a broken php build (i.e., they were still using the pecl extension for json instead of the one bundled with php 5.2.x).
Reported in: http://forum.piwik.org/read.php?2,70605 and http://forum.piwik.org/read.php?2,70653
and in emails with FTP access.
Please post your phpinfo() here, or send piwik URL + login + password + FTP or SSH access to anthon@piwik.org and matt@piwik.org